mirror of
https://github.com/nmap/nmap.git
synced 2025-12-10 17:59:04 +00:00
Change a little over 10 malloc()s and realloc()s to their safe_* equivalents (which let's us get rid a two checks on the returned mem elsewhere in the code).
This commit is contained in:
kris
2
main.cc
2
main.cc
@@ -373,7 +373,7 @@ int main(int argc, char *argv[]) {
|
|||||||
}
|
}
|
||||||
} else {
|
} else {
|
||||||
fakeargc = 1;
|
fakeargc = 1;
|
||||||
fakeargv = (char **) malloc(sizeof(char *) * 2);
|
fakeargv = (char **) safe_malloc(sizeof(char *) * 2);
|
||||||
fakeargv[0] = nmappath;
|
fakeargv[0] = nmappath;
|
||||||
fakeargv[1] = NULL;
|
fakeargv[1] = NULL;
|
||||||
}
|
}
|
||||||
|
|||||||
@@ -222,7 +222,7 @@ static struct AVal *fingerprint_iptcppacket(struct ip *ip, int mss, u32 syn) {
|
|||||||
char *p,*q;
|
char *p,*q;
|
||||||
struct tcp_hdr *tcp = ((struct tcp_hdr *) (((char *) ip) + 4 * ip->ip_hl));
|
struct tcp_hdr *tcp = ((struct tcp_hdr *) (((char *) ip) + 4 * ip->ip_hl));
|
||||||
|
|
||||||
AVs = (struct AVal *) malloc(6 * sizeof(struct AVal));
|
AVs = (struct AVal *) safe_malloc(6 * sizeof(struct AVal));
|
||||||
|
|
||||||
/* Link them together */
|
/* Link them together */
|
||||||
AVs[0].next = &AVs[1];
|
AVs[0].next = &AVs[1];
|
||||||
|
|||||||
@@ -731,7 +731,7 @@ char* formatScriptOutput(struct script_scan_result ssr) {
|
|||||||
char* xml_convert (const char* str) {
|
char* xml_convert (const char* str) {
|
||||||
char *temp, ch=0, prevch = 0, *p;
|
char *temp, ch=0, prevch = 0, *p;
|
||||||
int strl = strlen(str);
|
int strl = strlen(str);
|
||||||
temp = (char *) malloc(strl*6+1);
|
temp = (char *) safe_malloc(strl*6+1);
|
||||||
char *end = temp + strl * 6 + 1;
|
char *end = temp + strl * 6 + 1;
|
||||||
for (p = temp;(prevch = ch, ch = *str);str++) {
|
for (p = temp;(prevch = ch, ch = *str);str++) {
|
||||||
char *a;
|
char *a;
|
||||||
@@ -764,7 +764,7 @@ char* xml_convert (const char* str) {
|
|||||||
Strncpy(p,a, end - p - 1); p += strlen(a); // SAFE
|
Strncpy(p,a, end - p - 1); p += strlen(a); // SAFE
|
||||||
}
|
}
|
||||||
*p = 0;
|
*p = 0;
|
||||||
temp = (char *) realloc(temp,strlen(temp)+1);
|
temp = (char *) safe_realloc(temp,strlen(temp)+1);
|
||||||
return temp;
|
return temp;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|||||||
@@ -1601,8 +1601,7 @@ int ServiceNFO::currentprobe_timemsleft(const struct timeval *now) {
|
|||||||
}
|
}
|
||||||
|
|
||||||
void ServiceNFO::appendtocurrentproberesponse(const u8 *respstr, int respstrlen) {
|
void ServiceNFO::appendtocurrentproberesponse(const u8 *respstr, int respstrlen) {
|
||||||
currentresp = (u8 *) realloc(currentresp, currentresplen + respstrlen);
|
currentresp = (u8 *) safe_realloc(currentresp, currentresplen + respstrlen);
|
||||||
assert(currentresp);
|
|
||||||
memcpy(currentresp + currentresplen, respstr, respstrlen);
|
memcpy(currentresp + currentresplen, respstr, respstrlen);
|
||||||
currentresplen += respstrlen;
|
currentresplen += respstrlen;
|
||||||
}
|
}
|
||||||
|
|||||||
17
tcpip.cc
17
tcpip.cc
@@ -1986,10 +1986,7 @@ if (timedout) {
|
|||||||
}
|
}
|
||||||
*len = head.caplen - offset;
|
*len = head.caplen - offset;
|
||||||
if (*len > alignedbufsz) {
|
if (*len > alignedbufsz) {
|
||||||
alignedbuf = (char *) realloc(alignedbuf, *len);
|
alignedbuf = (char *) safe_realloc(alignedbuf, *len);
|
||||||
if (!alignedbuf) {
|
|
||||||
fatal("Unable to realloc %d bytes of mem", *len);
|
|
||||||
}
|
|
||||||
alignedbufsz = *len;
|
alignedbufsz = *len;
|
||||||
}
|
}
|
||||||
memcpy(alignedbuf, p, *len);
|
memcpy(alignedbuf, p, *len);
|
||||||
@@ -2508,8 +2505,8 @@ static int collect_dnet_routes(const struct route_entry *entry, void *arg) {
|
|||||||
/* Make sure we have room for the new route */
|
/* Make sure we have room for the new route */
|
||||||
if (dcrn->numroutes >= dcrn->capacity) {
|
if (dcrn->numroutes >= dcrn->capacity) {
|
||||||
dcrn->capacity <<= 2;
|
dcrn->capacity <<= 2;
|
||||||
dcrn->routes = (struct sys_route *) realloc(dcrn->routes,
|
dcrn->routes = (struct sys_route *) safe_realloc(dcrn->routes,
|
||||||
dcrn->capacity * sizeof(struct sys_route));
|
dcrn->capacity * sizeof(struct sys_route));
|
||||||
}
|
}
|
||||||
|
|
||||||
/* Now for the important business */
|
/* Now for the important business */
|
||||||
@@ -2544,8 +2541,8 @@ static int collect_dnet_interfaces(const struct intf_entry *entry, void *arg) {
|
|||||||
/* Make sure we have room for the new route */
|
/* Make sure we have room for the new route */
|
||||||
if (dcrn->numifaces >= dcrn->capacity) {
|
if (dcrn->numifaces >= dcrn->capacity) {
|
||||||
dcrn->capacity <<= 2;
|
dcrn->capacity <<= 2;
|
||||||
dcrn->ifaces = (struct interface_info *) realloc(dcrn->ifaces,
|
dcrn->ifaces = (struct interface_info *) safe_realloc(dcrn->ifaces,
|
||||||
dcrn->capacity * sizeof(struct interface_info));
|
dcrn->capacity * sizeof(struct interface_info));
|
||||||
}
|
}
|
||||||
if (entry->intf_addr.addr_type == ADDR_TYPE_IP) {
|
if (entry->intf_addr.addr_type == ADDR_TYPE_IP) {
|
||||||
addr_ntos(&entry->intf_addr, (struct sockaddr *) &dcrn->ifaces[numifaces].addr);
|
addr_ntos(&entry->intf_addr, (struct sockaddr *) &dcrn->ifaces[numifaces].addr);
|
||||||
@@ -2750,7 +2747,7 @@ int sd;
|
|||||||
numifaces++;
|
numifaces++;
|
||||||
if (numifaces == ii_capacity) {
|
if (numifaces == ii_capacity) {
|
||||||
ii_capacity <<= 2;
|
ii_capacity <<= 2;
|
||||||
mydevs = (struct interface_info *) realloc(mydevs, sizeof(struct interface_info) * ii_capacity);
|
mydevs = (struct interface_info *) safe_realloc(mydevs, sizeof(struct interface_info) * ii_capacity);
|
||||||
assert(mydevs);
|
assert(mydevs);
|
||||||
}
|
}
|
||||||
mydevs[numifaces].devname[0] = mydevs[numifaces].devfullname[0] = '\0';
|
mydevs[numifaces].devname[0] = mydevs[numifaces].devfullname[0] = '\0';
|
||||||
@@ -2924,7 +2921,7 @@ struct sys_route *getsysroutes(int *howmany) {
|
|||||||
numroutes++;
|
numroutes++;
|
||||||
if (numroutes >= route_capacity) {
|
if (numroutes >= route_capacity) {
|
||||||
route_capacity <<= 2;
|
route_capacity <<= 2;
|
||||||
routes = (struct sys_route *) realloc(routes, route_capacity * sizeof(struct sys_route));
|
routes = (struct sys_route *) safe_realloc(routes, route_capacity * sizeof(struct sys_route));
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
} else {
|
} else {
|
||||||
|
|||||||
6
utils.cc
6
utils.cc
@@ -312,8 +312,8 @@ else if (num_elem < 65536)
|
|||||||
bpe = sizeof(unsigned short);
|
bpe = sizeof(unsigned short);
|
||||||
else bpe = sizeof(unsigned int);
|
else bpe = sizeof(unsigned int);
|
||||||
|
|
||||||
bytes = (unsigned char *) malloc(bpe * num_elem);
|
bytes = (unsigned char *) safe_malloc(bpe * num_elem);
|
||||||
tmp = (unsigned char *) malloc(elem_sz);
|
tmp = (unsigned char *) safe_malloc(elem_sz);
|
||||||
|
|
||||||
get_random_bytes(bytes, bpe * num_elem);
|
get_random_bytes(bytes, bpe * num_elem);
|
||||||
cptr = bytes;
|
cptr = bytes;
|
||||||
@@ -406,7 +406,7 @@ int arg_parse(const char *command, char ***argv) {
|
|||||||
if (Strncpy(mycommand, command, 4096) == -1) {
|
if (Strncpy(mycommand, command, 4096) == -1) {
|
||||||
return -1;
|
return -1;
|
||||||
}
|
}
|
||||||
myargv = (char **) malloc((MAX_PARSE_ARGS + 2) * sizeof(char *));
|
myargv = (char **) safe_malloc((MAX_PARSE_ARGS + 2) * sizeof(char *));
|
||||||
memset(myargv, 0, (MAX_PARSE_ARGS+2) * sizeof(char *));
|
memset(myargv, 0, (MAX_PARSE_ARGS+2) * sizeof(char *));
|
||||||
myargv[0] = (char *) 0x123456; /* Integrity checker */
|
myargv[0] = (char *) 0x123456; /* Integrity checker */
|
||||||
myargv++;
|
myargv++;
|
||||||
|
|||||||
Reference in New Issue
Block a user